Misleading applications are prevalent. Such misleading applications may be fake applications causing users to download malware onto their computers or fake applications which do not work for a suggested purpose (e.g., fake antivirus programs that contain a realistic user interface imitating a scanning action which does not actually scan a computer for viruses). Such misleading applications may introduce viruses, steal account information, charge subscription fees while providing no value, and perform other malicious actions.
Misleading applications may be difficult to detect using conventional computer security techniques. For example, misleading applications may resemble legitimate applications, thus conventional behavioral techniques may not be able to detect such misleading applications. Also, misleading applications may not be associated with a known domain or may frequently change domains, thus blacklisting a domain may not be effective. Furthermore, misleading applications may vary a composition of downloadable software (e.g., varying size or code segments of fake anti-virus software) so that it may be difficult to detect misleading applications using a signature or a footprint.
In view of the foregoing, it may be understood that there may be significant problems and shortcomings associated with current technologies for detecting and/or identifying misleading applications.